Domain > vrndmdrdrjoff.com

More information on this domain is in AlienVault OTX

Is this malicious?

Files that talk to vrndmdrdrjoff.com

MD5	A/V
83fcf55f5faa2262355c3420ae1bce9e	[TR/Ramnit.A.107] [Win32/Kryptik.CTQR] [Inject2.BIYS] [Trojan.Win32.Nimnul.gkx]
d9fbd657a2a38c024e2d323b02539674	[TR/Ramnit.A.107] [Trojan-Ransom.Win32.Foreign.lhls]
02d8e5f0a5288bbbf70c6d68e105a2bd	[TR/Ramnit.A.109] [Win32/Ramnit.RQdcTbC] [Win32/Kryptik.CUVI] [W32/Kryptik.CUIW!tr] [Crypt3.BMPP] [Trojan.Win32.Crypt] [Trojan-Ransom.Win32.Foreign.lhog] [Trojan.FakeAdobe.ED] [Gamarue-FAS!02D8E5F0A528] [Trojan*Win32/Ramnit] [Trojan.Nimnul]
24493f8bd34ac9c04fa774647e7120a6	[Trojan.Foreign.2] [W32/Trojan.UFRX-1650] [TR/Ramnit.A.107] [Win32/Ramnit.NYSVDWC] [Win32/Kryptik.CTQR] [W32/Foreign.AKZV!tr] [Inject2.BIYS] [Trojan-Ransom.Win32.Foreign] [Trojan-Ransom.Win32.Foreign.lhol] [Gamarue-FAS!24493F8BD34A] [Trojan*Win32/Ramnit] [Trojan.Nimnul]
a3c5c76185ab2110cf35df85a532ba9d	[Trojan.Foreign.2] [W32/Trojan.UFRK-1650] [TR/Ramnit.A.107] [Win32/Ramnit.NYSVDWC] [Win32/Kryptik.CTQR] [W32/Kryptik.AKZV!tr] [Inject2.BIYS] [Trojan.Win32.Crypt] [Gamarue-FAS!A3C5C76185AB] [Trojan*Win32/Ramnit.A] [Trojan.Nimnul]
0516a45ac14ac4e79520f4d66d2e1914	[Trojan.Foreign.2] [W32/Trojan.UEOE-1650] [TR/Ramnit.A.107] [Win32/Ramnit.NYSVDWC] [Win32/Kryptik.CTQR] [Inject2.BIYS] [Trojan.Win32.Crypt] [Gamarue-FAS!0516A45AC14A] [Trojan*Win32/Ramnit.A] [Trojan.Nimnul]
b77960f8446ec11dbbdfafd8b28bdd46	[Trojan.Nimnul!GnfrxalOE+0] [WS.Reputation.1] [TROJ_FORUCON.BMC] [Trojan.Win32.Nimnul.elb] [Trojan.Win32.Nimnul.cxobwi] [Win32.Trojan.Nimnul.Pfsz] [UnclassifiedMalware] [TR/Ramnit.A.24] [Trojan/Win32.Nimnul] [Trojan:Win32/Ramnit.A] [Backdoor/Win32.Necurs] [Trojan.Lebros] [W32/Nimnul.CASZ!tr] [Lebros.EF] [Win32/Trojan.d00]
f9934ea34cd74e6a03d02eaac84d9317	[TR/Ramnit.A.109] [Win32/Ramnit.RQdcTbC] [Win32/Kryptik.CUVI] [W32/Kryptik.CUIW!tr] [Crypt3.BMPP] [Trojan.FakeAdobe.ED] [Gamarue-FAS!F9934EA34CD7] [Trojan*Win32/Ramnit] [Trojan.Nimnul]
cbc67f95baccff37457e221aa943e733	[W32/Trojan.BKOB-9125] [TR/Ramnit.A.109] [Win32/Ramnit.RQdcTbC] [TrojanRansom.Foreign.r4] [Win32/Kryptik.CUIW] [W32/Kryptik.CTQR!tr] [Crypt3.BMPP] [Trojan-Ransom.Win32.Foreign] [Trojan-Ransom.Win32.Foreign.lhrj] [Trojan.FakeAdobe.ED] [Trojan*Win32/Ramnit]
2f55923b5ef8deb0025f08f328232c50	[BehavesLike.Win32.Dropper.ch]
b01ff24f80ede970b315b35ee612a5d8	[W32/Trojan.VAJW-4634] [TR/Crypt.ZPACK.101164] [Trojan.Nimnul.r4] [Win32/Kryptik.COHR] [W32/Nimnul.COHR!tr] [Crypt3.BAPD] [Trojan.Win32.Nimnul] [Trojan.Win32.Nimnul.gfa] [Trojan*Win32/Ramnit.A] [Trojan.Asprox.B] [TROJ_DYER.BMC] [Trojan.Nimnul]
1f808e7df73d92618ad4c5883f8b6646	[W32/Trojan.UEWE-1650] [TR/Ramnit.A.107] [Win32/Ramnit.NYSVDWC] [Win32/Kryptik.CTQR] [W32/Foreign.AKZV!tr] [Inject2.BIYS] [Trojan-Ransom.Win32.Foreign] [Trojan-Ransom.Win32.Foreign.lhok] [RDN/Ransom!em]
8c53697d4aaa6b40965bd651bb9d8a34	[W32/Trojan.UFEK-1650] [TR/Ramnit.A.107] [Win32/Ramnit.NYSVDWC] [Win32/Kryptik.CTQR] [Inject2.BIYS] [Trojan.Win32.Crypt]
7aed8c4e608d7e59c08a907205bfb802	[Trojan.Foreign.2] [W32/Trojan.YDIP-4979] [TR/Crypt.ZPACK.110873] [Win32/Kryptik.CRIJ] [W32/Kryptik.CRFT!tr] [Win32/Cryptor] [Trojan.Win32.Nimnul] [Trojan.Win32.Nimnul.gja] [Trojan.Inject] [Troj/Wonton-NE]

Whois

Property	Value
Email	redswoodster@engineer.com
NameServer	NS12.MICROSOFTINTERNETSAFETY.NET
Created	2014-10-30 00:00:00
Changed	2015-02-24 00:00:00
Expires	2015-10-30 00:00:00
Registrar	PDR LTD. D/B/A PUBLI

DNS Resolutions

Date	IP Address
2015-06-15	204.95.99.228 (ClassC)
2023-09-16	72.26.218.70 (ClassC)
2024-05-02	34.175.230.209 (ClassC)
2025-01-26	34.253.216.9 (ClassC)
2025-03-09	52.30.198.106 (ClassC)
2025-06-04	3.249.135.232 (ClassC)
2025-08-03	34.253.60.188 (ClassC)

Subdomains

Date	Domain	IP
ns3.vrndmdrdrjoff.com	2025-05-10	3.214.185.54
www.vrndmdrdrjoff.com	2024-11-25	34.253.216.9

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]